Unrated severityNVD Advisory· Published Aug 2, 2021· Updated Sep 16, 2024
QSAN Storage Manager - Reflected Cross-Site Scripting
CVE-2021-37216
Description
QSAN Storage Manager header page parameters does not filter special characters. Remote attackers can inject JavaScript without logging in and launch reflected XSS attacks to access and modify specific data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 2 more
- (no CPE)
- (no CPE)range: unspecified
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- www.twcert.org.tw/tw/cp-132-4962-44cd2-1.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.